Privacy Policy (UK)

1) Who we are

Controller: AuctoAdmin trading as TradeAutoBill ("we", "us").
Registered address: [Add address].
Contact: Info@tradeautobill.com.
We are the data controller for personal data processed via tradeautobill.com and our web app.

2) What this policy covers

How we collect, use, share, store and protect personal data under the UK GDPR and the Data Protection Act 2018.

3) Data we collect

Account & billing: name, business name, email, password hash, plan/tier, billing address, VAT number, transaction history.

Your customer data (you input): customer names, emails, addresses, job details, invoice line items, PDFs/attachments.

Usage & device: IP, device/browser, pages/actions, timestamps, crash/diagnostic logs.

Comms: support tickets, feedback, email content/headers.

Marketing (optional): newsletter preferences and engagement (consent-based).

4) How we get it

Directly from you (sign-up, creating invoices, support).

Automatically via cookies/SDKs when you use the site/app (see "Cookies").

From third-party sign-in or payment providers if you connect them (only what's needed to operate the service).

5) Why we use it (lawful bases)

Contract (Art. 6(1)(b)): create/manage accounts, generate/email invoices, core app features, support.

Legitimate interests (Art. 6(1)(f)): improve/security, prevent abuse/fraud, product analytics, service notifications.

Consent (Art. 6(1)(a)): marketing emails and non-essential cookies (withdraw anytime).

Legal obligation (Art. 6(1)(c)): tax/accounting, responding to lawful requests.

We do not sell personal data.

6) Sharing your data

We use vetted processors under contract, including (as applicable): hosting/CDN, database, email delivery, error tracking/analytics, automation, and payments. Examples: [Hosting/CDN e.g., Netlify], [Database e.g., Supabase], [Email provider e.g., Resend/Postmark], [Automation e.g., n8n], [Payments e.g., Stripe], plus professional advisers (lawyers, accountants, insurers). We may disclose data when required by law or to protect rights, safety, and security.

7) International transfers

If data leaves the UK/EEA, we use lawful safeguards: UK adequacy, the UK International Data Transfer Agreement or UK Addendum to EU SCCs, and where relevant the UK-US Data Bridge. Details available on request.

8) Retention

Account data: for the life of the account, then up to 12 months for backups/admin unless law requires longer.

Invoices/records: typically 6 years for tax/accounting.

Support tickets: 24 months after closure.

Logs/diagnostics: 12 months.

Marketing: until you opt-out or after 24 months of inactivity.

9) Your rights

You can access, rectify, erase, restrict, object (incl. marketing), and port your data. You may withdraw consent at any time (doesn't affect prior processing). We don't make solely automated decisions with legal/similarly significant effects. To exercise rights: Info@tradeautobill.com. You can complain to the ICO at ico.org.uk; please contact us first so we can help.

10) Security

We apply appropriate technical/organisational measures: encryption in transit, hardened infrastructure, least-privilege access, monitoring. No system is 100% secure—tell us immediately if you suspect unauthorised access.

11) Cookies

Essential: sessions, CSRF, load-balancing (no consent).

Analytics/functional: performance and feature usage (consent).

Marketing: only if used (consent).

We show a consent banner for non-essential cookies. You can change preferences via "Cookie Settings". A detailed Cookie Policy is available on request.

12) Role clarification (your customers' data)

For customer data you input to create/send invoices, you are the controller. We act as your processor where applicable, under our Terms and this policy. You must ensure you have a lawful basis and your own privacy information for your customers.

13) Children

Business service; not directed to children. We don't knowingly collect data from anyone under 13. If a child's data was provided, contact us to remove it.

14) Changes

We'll update this page if we change how we process data. For material changes we'll notify you by email or in-app. See the "Last updated" date above.

15) Contact & registration

AuctoAdmin
Email: Info@tradeautobill.com